LDAP and Thunderbird

I have an ongoing project dream. Someday, have a fully functional suite of opensource-driven services available to our community that gives, if not the full functionality of something like Exchange, but gives enough so that the users can interract and exchange information cleanly, without having to jump through hoops or pay ridiculous amounts of money or subscribe to proprietary, predatory application suites.

I made another step toward this lofty goal this week.

Mmm, geekery

I had been tinkering with LDAP services for a while. The idea of a centralized general information repository that could be used for authentication, contacts, and general configuration details was appealling. LDAP is not for the weak of heart, though, and with only sporadic time to work on it, I never quite got things rolling.

I’ve recently switched to using Thunderbird as my mail client, which includes a basic address book manager, but what I really wanted to do was share my addressbook with other users and people in my community. Really the only answer to this is LDAP. So, websites bookmarked and google searches in hand, I undertook the task.

Let the yak-shaving commence!

I had already set up the LDAP server for our user, and populated it with some basic contact information. I’d had only limited success in doing contact lookups though, and had let the project lay fallow for several months. With a fresh look at things, I dusted off the configurations and took a closer look at it.

Initially, there was a lot of success. The Thunderbird Addressbook lookup was easy to configure and point at the LDAP server, and searches were working perfectly. The problem was that address completion was not working. I could type an address and have it expand on a local lookup, but addresses in the LDAP server were not coming up.

It turns out there were a few problems. First, address entries in the LDAP directory must subscribe to the Mozilla LDAP Schema. Some basic information will work without it, but to fully populate an address book entry for Thunderbird, you’ll need the schema added to your server.

Second, the LDAP interface in Thunderbird isn’t completely stable. As reported in this bug, the Addressbook LDAP configuration in Thunderbird is dead broken. It actually won’t configure anything. I confirmed this by running my server in Debug mode (slapd -d 254) and watching queries. When configured via “Preferences” “Directory servers”, no queries were sent.

To get Thunderbird to talk to LDAP for address completion, you need to right-click on the account entry, go to Properties, select Composition, and define your LDAP server there. Once you do that, you’ll start seeing queries against LDAP immediately.

But wait, there’s more! The search parameters against LDAP are not very good. The searches are doing pure left-hand matches on only a few of the attributes in LDAP. In contrast, the ‘search’ function in the Addressbook does a full search, as seen in these log entries:

As far as I can tell, there is no way to fix this behaviour. It has been opened as a bug. There is apparently a small workaround involving a hidden preference:

ldap_2.servers.MyServer.autoComplete.filterTemplate

An ancient mail posting regarding this is here. Much as I enjoy the product, I find it disheartening that this bug has been known about for over 5 years, and has still not been addressed.

Plugins

Thunderbird supports the same plugin mechanism that Firefox uses, by downloading and running ‘xpi’ scripts. I haven’t had a major need to do a lot of tuning or fiddling with the client though, but one plugin in particular has made the entire application a ‘slam dunk’ for me, as it were.

Nostalgy adds quick-searching on available mailboxes to Thunderbird. This means that if you wish to move a message to one of several folders (locally or on a remote server), all you need to do is type ‘s’, type any part of the folder name, and hit enter. Nostalgy auto-completes the best match, and files off your messages. This has been a huge interface issue for me in applications such as Evolution and (dare I say it), Outlook. Kudos to the authors of Nostalgy!

So what’s missing?

The idea of sharing an addressbook among users is great, but the big lack that I’ve found is there’s no easy way for the general user populace to edit those addressbook entries. No mail client that I’ve found supports LDAP updating directly from it’s interface. There’s various tools (such as phpLDAPadmin and JXplorer that let you maintain an LDAP directory remotely, but these require active, external work to add or maintain entries. It would be difficult to get an organization (or even a small group of people) to use these tools to maintain address lists, when all mail clients support basic local book editing on the fly.

The other missing component is a coupled scheduling / calendaring
application. This has been the ‘Holy Grail’ of opensource applications for ages, and is the primary argument companies use to keep supporting Exchange + Outlook. We’ve started using Google Calendars for shared scheduling, and it’s quite good, but is not an integrated desktop application. Someone mailing me a meeting invitation can’t be clicked on with an ‘I accept this invite’ and have it automatically added to my calendar. Perhaps this is on the way with tools like Sunbird, but it’s not here yet.

Conclusions

Overall, I’m extremely happy with Thunderbird as a mail client. I’ve made the transition from my old KMail arrangement with very little fuss (and frankly, a lot of relief over some of KMail’s very poor user interface decisions). My wife has been an email power user for ages, and up until recently was an avid Mulberry fan, but with the recent demise of Cyrusoft, Thunderbird became a natural choice. She’s been very happy with it.

With a few more tweaks, Thunderbird + LDAP could continue its maturity into an enterprise-class application. Whether these changes will be implemented and in what time frame remains to be seen.

7 thoughts on “LDAP and Thunderbird”

Re: Thunderbird and contacts (a better way)
Check out this Newsforge article:http://software.newsforge.com/software/06/04/07/1726220.shtml?tid=130
Go to the section in it titled as follows:
“Turn Thunderbird into a collaboration tool”
then check out these from that section:http://www.mozilla.org/projects/calendar/http://www.gargan.org/extensions/synckolab.html
Quote from article:
” By default, Thunderbird doesn’t have a calendar, and it lacks the ability to synchronise data between multiple clients. However, the Calendar plugin combined with the SyncKolab extension can fill the void. You also need an IMAP account, which SyncKolab uses to synchronise the contacts and calendar data. You can either use a local Kolab server or an IMAP email account; the latter option is probably easier.
Start with downloading and installing the Calendar and SyncKolab plugins, then create two folders, Contacts and Calendar, on your IMAP server. To configure SyncKolab’s preferences, choose Tools -> Extensions and double-click on SyncKolab. In the Contacts tab, select the address book you want to synchronise, select your IMAP email account, and choose the Contacts folder. If you leave the Save to Imap folder check box unticked, SyncKolab will not upload changes in your calendar and address book, but download any changes from the IMAP account. Finally, use the Sync Contacts and Sync Calendar check boxes to select what data you want to synchronise. In the Calendar tab, select what calendar you want to sync and select the Calendar folder on your IMAP email account. Click OK to save the settings and close the window. Next, you have to add the SyncKolab button to Thunderbird’s toolbar. Right-click somewhere on Thunderbird’s toolbar and select Customize. Drag the SyncKolab button onto the toolbar and press Done. To start synchronisation, click on the SyncKolab button”.

Old, I know, but damn. Mozilla should just host an LDAP server, charge for access, and fix Thunderbird so people can host/edit/sync their own address books.
Seems to work pretty good for Plaxo. I bet they could pay for something with it.

the lack of shared contact capability has baffled me for years. my org is forced to use exchange/ol and even that requires a bastardized public contacts folder approach that doesn’t really work due to ol’s idiotic caching mechanism (i update your email in the public folder, jane sends to you, outlook uses the last address jane used, not the current one on the server). to make this even funnier, m$ft is killing public folders, so even this approach won’t work anymore soon.

does every company on earth maintain a different list of contact info for everyone they communicate with??? 8 years ago LDAP seemed promising, how on earth there are still no end user interfaces to edit ldap attributes to make this approach a workable solution is mindboggling.

it would be a really interesting phd project for someone to figure out how much time the world spends asking, “can i get so and so’s new email address?”.